Every Second Counts: Hackers Steal BMWs in 3 Minutes

Every … second … counts, case in point: Hackers stealing a BMW 1M stolen without keys — in 3 minutes!

There’s a lesson here for all car owners: Thieves will always find a way to get into your car – what you need is real-time awareness of when/where someone tries to violate your vehicle.

This viral video from the UK posted below blew up in the last week, and has already landed half a million hits since July 3.

In it, the hackers exploit a security loophole, using gizmos that plug into the vehicle’s OBD port — then programming the blank key fobs and taking off in their new ill-gotten cars.

According to this recent Jalopnik piece posted on MSNBC’s Technolog, the car is entered, “either via nearby RF jammers that block the fob lock signal from reaching the car (preventing owners from securing their vehicles) or, more crudely, by breaking a window. … In cases of the window break, the thieves seem to be exploiting a gap in the car’s internal ultrasonic sensor system to avoid tripping the alarm.”

When the thieves get in — they hack into the vehicle key fob’s digital ID so that they can program a different fob to interact with the car. The hackers make that work by first connecting some kind of device to the soon-to-be stolen vehicle’s OBD-II connector, the MSNBC post said.

Now listen up, Viper fans — you can protect yourselves and make sure that you don’t suffer from the same super-swift car theft.

We asked our engineers and experts here for the best tips on just what these criminals are doing and how car owners can fight back against them.

They told us:

Number 1. In order to steal a car, the thief doesn’t need to reprogram the key right away. The criminal just needs to bypass the vehicle immobilizer quickly using potentially bulkier equipment — and drive away. Key reprogramming can be dealt with later at a secure location with less time constraint (let’s say 15-30 minutes).

Number 2. BMW security has a hole: It employs a relatively weak, 48-bit Hitag system that can be hacked in under 3 minutes using computer hardware costing less than $10,000. There is also a known weakness in the randomization of the security key and its dependency on the CAS (one of the vehicle’s modules) dump. Such a dump is available over OBD connector. In other words, all components for a system are available on the Internet and putting the system together does not require a lot of technical skill.

Our experts were quite sure that BWM engineers are well aware of these shortcomings and are working on tighter the security and probably on upgrading their encryption method as well. That will address BMW’s security issue — but also will make any key-cracking job harder.

Number 3. In order to deploy such a system, one needs to bypass the vehicle alarm system. The OEM one-way security is susceptible to jamming while more sophisticated two-way systems provide real-time status feedback and have additional sensors, etc.

Get connected to your vehicle and get ahead of the criminals: Thieves will always find a way to get into your car – what you need is real-time awareness of when/where someone tries to violate your vehicle.